main

Attack MitigationSecurity

Looking Past the Hype to Discover the Real Potential of AI

January 22, 2019 — by Pascal Geenens1

AI-960x439.jpg

How can organizations cut through the hype around AI to understand the most important issues they should be addressing? How can they incorporate AI into their security strategies now to take advantage of the technology’s ability to detect and mitigate attacks that incorporate the same capabilities? Pascal Geenens, Radware’s EMEA security evangelist, weighs in.

What is the threat landscape, and how disruptive is it likely to be?

In the near term, cybercriminals will mainly use AI to automate attacks and improve evasion capabilities against detection systems and to increase the scale and reach of the threats. Expect to see AI used to automatically breach defenses and generate more sophisticated phishing attacks from information scraped from publicly accessible web sources. The scale of attacks will quickly escalate to volumes that we have never experienced before.

On the evasive side, machine-learning systems such as generative adversarial networks (GANs) can automatically create malware that is harder to detect and block. This technique has already been demonstrated by researchers. The MalGAN research project proposed a GAN to create evasive malware that goes undetected by all modern anti-malware systems, even the systems based on deep learning.

[You may also like: How Cyberattacks Directly Impact Your Brand: New Radware Report]

In the first phase, AI will be used to improve current attack tools to make them more harmful and difficult to detect.

Machine learning and automation can be leveraged to find new vulnerabilities, especially in large public clouds where cloud native systems are being built based on widely reused open-source software frameworks. Platforms running this software will become primary targets for vulnerability scanning.

Given that open-source code is readable and accessible by both criminals and security researchers, this platform may become the next battlefield with an associated “arms race” to  discover, abuse or fix vulnerabilities.  Deep learning will provide an advantage  in discovering new vulnerabilities based on code. While open source is an easier target, even closed-source software will not escape automated attacks based on the learning process of the attack program.

Looking further ahead, I can imagine large cybercrime organizations or nation-states using AI. Where machine learning was previously used mainly for automating attacks, now AI systems such as genetic algorithms and reinforced learning will be used to automatically generate new attack vectors and breach all kinds of systems, whether cloud, IoT or ICS. Then, combine this capability with the automation of the first stage. We will face a fully automated, continuously evolving attack ecosystem that will hack, crack and improve itself over time with no limits in scale or endurance.

[You may also like: DevOps: Application Automation? The Inescapable Path]

Cybercriminals could move from being the actual hackers, performing the real attack and penetrating defenses, to becoming maintainers and developers of the automated AI hacking machine. Machines will do the hacking; humans will focus on improving efficiency of the machines.

What vulnerabilities will make targets more attractive to criminals once AI is incorporated in their tools? How will it affect corporate espionage?

Ultimately every organization will be digitally transformed and become a primary target for automated attacks. Which targets are chosen will be solely dependent on the objective of the attack. For ransom and extortion, every organization is a good candidate target. For corporate espionage, it depends how much organizations are willing to pay to secure intellectual property in certain areas. It’s fair to say that, by definition, every organization can — and, at some point, will — be a target.

What about politically motivated cyberattacks initiated at the national level?

We’ve already witnessed attacks meant to influence public  opinion and the political landscape. Such attacks are likely to grow and become more difficult to identify early in the process and to protect against once attackers leverage deep learning and broader AI technologies. Attackers have already produced automatically generated messages and discussions, as well as “deep fake” videos that are created by AI algorithms.

[You may also like: Hacking Democracy: Vulnerable Voting Infrastructure and the Future of Election Security]

Influencing what topics are important and  manipulating opinions are becoming new weapons of choice for nation-states. Social platform providers need to take a stance and remain as clean as possible by dedicating much of their own AI-assisted automated detection systems to stay ahead of cybercriminals and others that create and improve AI-assisted automated systems for fake content creation.

From a defense perspective, what types of AI-based products will be used to combat more technologically savvy cybercriminals?

There’s a saying in our industry that “you cannot stop what you cannot detect.” Cybersecurity has become automated for the sake of the detection of new, increasingly complex and continuously adapting threats, and deep learning is improving that capability. AI, in the broad sense of the term, will probably come into play in the near-term future rather than immediately. The current state of AI in the defense discussion is confined to the traditional machine learning, and while deep learning shows a lot of promise, it is still too challenged to be used for automated mitigation. More intelligent and self-adaptive systems, the domain of AI, are still further out when it comes to automating our cyberdefenses.

Will the use of AI-based attacks by cybercriminals drive adoption of AI-based mitigation solutions by enterprises, organizations and institutions?

Yes, but not necessarily at the same pace. There are three factors to consider — the attack vector, its speed and its evasion technique:

  1. For example, using AI for phishing does not affect the victim in terms of change in attack vector, but it does increase the scale and number of targets, compelling every organization to improve its This protection might include AI-based systems, but not necessarily.
  2. On the other hand, as attacks get more automated, organizations will have to automate their security to ensure that they keep on top of the rising number and accelerated speed of attacks.
  3. When new evasion techniques based on AI are leveraged by cybercriminals, it will ultimately lead to the use of better detection systems that are based on AI.

Read “The Trust Factor: Cybersecurity’s Role in Sustaining Business Momentum” to learn more.

Download Now

Security

Automating Cyber-Defense

December 14, 2018 — by Radware0

AdobeStock_206119634-960x545.jpg

AI has potential to make the lives of security professionals a lot easier – but it should be approached with caution. Deep learning is a useful tool to optimize and validate security posture. But until we overcome some of its challenges, positive security models and behavioral algorithms that are deterministic and predictable are still more effective for defense and mitigation.

Pascal Geenens, Radware’s EMEA Security Evangelist, recently spoke with Business Reporter about automating cyber-defense. Watch the interview below and read his accompanying article here.

2018 Mobile Carrier Ebook

Read “Creating a Secure Climate for your Customers” today.

Download Now

Attack Types & VectorsDDoSSecurity

Has Cyber Security Reached Its Limits?

January 16, 2018 — by Ben Zilberman0

Hackermanstealinformation-1-960x576.jpg

Thoughts from Radware’s Global Application and Network Security Report

  • Rise of cryptocurrency trade and value boosts attacks;
  • Notorious attacks of the year point at the human factor to blame;
  • Machine-learning technologies are not fully mature nor broadly adopted;
  • Despite a notion of tolerance, in one of four cases customers will take action against a targeted organization;
  • IoT devices power more effective DDoS attacks, but nobody takes responsibility to patch the known holes;
  • Data Leakage is the number one concern of organizations today.

These are just a handful of insights from Radware’s 2017-2018 Global Application and Network Security Report, providing a comprehensive view of the industry trends and evolutions. 2017 was an eventful year, with global cyber-attack campaigns that grabbed headlines in mainstream media and affected the lives of many, in particular the WannaCry, NotPetya and BadRabbit ransom sprees, as well as Equifax and Forever 21 data leaks. Let’s take a closer look at 2017 trends and 2018 predictions:

Security

AI Considerations in Cyber Defence Automation

December 14, 2017 — by Pascal Geenens2

ai-automation-960x598.jpg

When Apple unveiled the iPhone X, it catapulted artificial intelligence and machine learning into the limelight. Facial recognition became a mainstream reality for those who can afford it. A few months later, Vietnamese cyber security firm Bkav claimed it was able to bypass the iPhone X’s Face ID using a relatively inexpensive $150 mask. The claim is still up in the air and while it has not been accepted to its full extent, no one was actually able to refute the claim based on scientific facts.

DDoSSecuritySSL

Cyber Security Predictions

December 12, 2017 — by Carl Herberger2

cyber-security-predictions-2018-960x640.jpg

2016 was the Year of DDoS. 2017 was the Year of Ransom. Can we assess leading indicators of new attack techniques and motivations to predict what 2018 will bring? The answer is a resounding “yes.” We believe 2018 will be the Year of Automation—or, more precisely, big, bad attacks on automated technology processes. Here are four reasons why.

Application DeliverySecurityService Provider

Mobile World Congress – Is It Over Yet?

March 14, 2017 — by Louis Scialabba1

mobile-world-congress-960x640.jpg

Four Days. Four days is what is takes for 108,000 technologists to gather in the enchanting city of Barcelona to tell the world what they can expect to experience in the future of mobile communications. Four days is also about the number of days it takes to recover from sleep deprivation, work backlog, and the general buzz that one experiences by being part of the spectacle as grand and electrifying as Mobile World Congress.

The nice part about reflecting on MWC 2017 is that it is very easy to select a handful of themes that permeated throughout all the exhibition halls, keynotes, and hallway chatter. For me, this is the list: IoT, 5G, Virtualization, and Artificial Intelligence.